CVE-2026-6350
Deferred Deferred - Pending Action
Stack-Based Buffer Overflow in MailGates Enables Remote Code Execution

Publication date: 2026-04-16

Last updated on: 2026-05-19

Assigner: TWCERT/CC

Description
MailGates/MailAudit developed by Openfind has a Stack-based Buffer Overflow vulnerability, allowing unauthenticated remote attackers to control the program's execution flow and execute arbitrary code.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2026-04-16
Last Modified
2026-05-19
Generated
2026-06-16
AI Q&A
2026-04-16
EPSS Evaluated
2026-06-14
NVD
CVE-2026-6350
EUVD
EUVD-2026-23166
Affected Vendors & Products
Showing 2 associated CPEs
Vendor Product Version / Range
openfind mailgates to 5.2.10.099 (exc)
openfind mailgates to 6.1.10.054 (exc)
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-121 A stack-based buffer overflow condition is a condition where the buffer being overwritten is allocated on the stack (i.e., is a local variable or, rarely, a parameter to a function).
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

CVE-2026-6350 is a critical stack-based buffer overflow vulnerability in Openfind's MailGates/MailAudit software versions prior to 6.1.10.054 (6.0 series) and 5.2.10.099 (5.0 series).

This vulnerability allows unauthenticated remote attackers to manipulate the program's execution flow and execute arbitrary code on the affected system.

Compliance Impact

The provided information does not specify how the CVE-2026-6350 vulnerability affects compliance with common standards and regulations such as GDPR or HIPAA.

Impact Analysis

An attacker exploiting this vulnerability can gain control over the affected MailGates/MailAudit program's execution, potentially allowing them to run arbitrary code remotely without any authentication.

This can lead to full compromise of the system running the vulnerable software, including unauthorized access, data theft, or disruption of services.

Mitigation Strategies

To mitigate the CVE-2026-6350 vulnerability, you should update MailGates/MailAudit to a secure version.

  • For MailGates/MailAudit 6.0 series, update to version 6.1.10.054 or later.
  • For MailGates/MailAudit 5.0 series, update to version 5.2.10.099 or later.

These updates address the critical stack-based buffer overflow vulnerability that allows unauthenticated remote attackers to execute arbitrary code.

Detection Guidance

The CVE-2026-6350 vulnerability affects MailGates/MailAudit versions prior to 6.1.10.054 (for 6.0 series) and prior to 5.2.10.099 (for 5.0 series). Detection primarily involves identifying the installed version of MailGates/MailAudit on your system.

To detect if your system is vulnerable, you can check the installed version of MailGates/MailAudit by running commands that query the software version. For example, if the software provides a command-line interface, you might use commands like:

  • mailgates --version
  • mailaudit --version

If these commands are not available, you may check the version via package management tools or by inspecting the software's installation directory or documentation.

Since this vulnerability allows unauthenticated remote exploitation, monitoring network traffic for suspicious activity targeting MailGates/MailAudit services could also help detect exploitation attempts, but specific detection commands or signatures are not provided in the available resources.

The recommended mitigation is to update MailGates/MailAudit to version 6.1.10.054 or later for the 6.0 series, or 5.2.10.099 or later for the 5.0 series.

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2026-6350. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart